Report Project 3

Task 2

In order to find the private key the first step is to find the factors(p and q) of the public

key N then using the factors (p and q) and the public exponent e calculate the private key using

the formula d=e^{−1}modϕ(n).

The first step of task 2 is to get the factors of N using the get_factor function and return p

and q. In order to find the prime factors of N I used Fermat's factorization method to obtain

these values. I referenced a wikipedia article titled ​Fermat's factorization method​[1] . Fermat's

factorization method factors N into p and q very quickly if p and q share half of their leading bits.

The next step was to calculate d using p, q, and e in the get_key function. The modular

inverse of Phi = (px1) (qx 1) and e is calculated which is equal to the private key d. To solve

this I referenced the Wiki article titled ​Algorithm Implementation/Mathematics/Extended

Euclidean algorithm​[3]. An application of the extended GCD algorithm is used to find the

modular inverse of Phi and e. The algorithm used is to find the GCD is recursive.

Task 3

The first step in task three is to find a shared P or Q between n1 and n2. Once this factor

is found the P and Q can be calculated for n1. In the function is_waldo I was able to find a factor

for P and Q between n1 and n2 by finding the greatest common denominator using Euclid

algorithm a similar step used in task 2.

 Once this common factor was found in the next method get_private_key I can find one of

the factors P using the Euclid algorithm (calculated using the same method in the first step) and

calculated the Q using n1/P. Now that I found both P and Q I can use the similar steps from task

2 to calculate the private key. That is calculating the modular inverse using both Phi and e to

find d.

Task 4

This attack works because the public exponent is small and the encrypted message m is

short. This allows the RSA function easily to inverted. This is known as a low public exponent

attack referenced in the wikipedia sorce ​Coppersmith's attack ​[5]

Using a wiki source titled ​Using the Chinese remainder algorithm ​[3] I was able to find a

solution to solve this problem. The Chinese remainder algorithm allows us to find a solution

quickly because if we know the factorization of the modulus N when can then we can split up

the message M into three parts and compute each modulus separately, and then recombine

the messages.
 References

1. https://en.wikipedia.org/wiki/Fermat%27s_factorization_method
2. https://www.geeksforgeeks.org/multiplicative-inverse-under-modulo-m/
3. https://en.wikibooks.org/wiki/Algorithm_Implementation/Mathematics/Extended_Euclidea
n_algorithm
4. https://en.wikipedia.org/wiki/RSA_(cryptosystem)#Using_the_Chinese_remainder_algorit
hm
5. https://en.wikipedia.org/wiki/Coppersmith%27s_attack#Low_public_exponent_attack